Added the ability to set redirectToHttps in the server config to automatically redirect requests. The list httpAllowedHosts in the server config can be used to specify specific hosts for which http access is still allowed.

3.0.0-test-1

Diff

kring

published 3.0.0-test-1 • 6 years ago

2.7.4

Diff

kring

published 2.7.4 • 6 years ago

Changelog

Source

2.7.4

The proxy now verifies that the target of a server-side redirect (e.g. HTTP 301 status code) is in the whitelist. If it's not, the redirect is returned to the client instead of handled on the server.
Added a list of IP addresses that the proxy will refuse to connect to, even if resolved from a hostname that is in the proxy whitelist. By default, the list includes all IP addresses that are not normal, internet-routable addresses. The list can be customized by setting blackedlistedAddresses in the config file. If your server has privileged access to any internet-routable addresses, be sure to add those addresses to the blacklist.

2.7.3

Diff

kring

published 2.7.3 • 6 years ago

Changelog

Source

2.7.3

Proxy authentication can now optionally be specified with the proxyAuth key in the --config-file, as an alternative to --proxy-auth.

2.7.2

Diff

kring

published 2.7.2 • 6 years ago

Changelog

Source

2.7.2

When using --proxy-auth to automatically supply HTTP basic authentication credentials, and the remote server returns 403 (Forbidden), we now retry the request without the credentials. This will usually result in the server responding with a 401 (Unauthorized), causing the user's browser to prompt for credentials. This is useful when some of the resources on the server are not available with the automatic credentials but will work if more powerful credentials are supplied.

2.7.1

Diff

kring

published 2.7.1 • 7 years ago

Changelog

Source

2.7.1

Added support for server-supplied custom headers, by extending the process used to insert the basic http auth header authorization.
Running with --public false now runs just a single server process, to support easier debugging.
Improved validation of the Esri token configuration.
Fixed a problem where a proxy error (such as an invalid content length) detected after the proxy had started sending the response would cause the worker to crash with an exception saying "Can't set headers after they are sent."
Added Strict-Transport-Security to the list of response headers that are not passed through to the client by the proxy.

2.7.0

Diff

kring

published 2.7.0 • 7 years ago

Changelog

Source

2.7.0

Added esri-token-auth service which is able to request tokens from ESRI token servers with username / password authentication and forward them on to anonymous clients.

2.6.7

Diff

kring

published 2.6.7 • 8 years ago

Changelog

Source

2.6.7

Allow setting the size limit for proxy POST requests using proxyPostSizeLimit in the server config. If no unit is specified bytes is assumed, or use some reasonable unit like 'kb' for kilobytes or 'mb' for megabytes.

2.6.6

Diff

kring

published 2.6.6 • 8 years ago

Changelog

Source

2.6.6

Fixed a bug that caused Content-Length: 0 to be included in proxied GET requests.

2.6.5

Diff

kring

published 2.6.5 • 8 years ago

Changelog

Source

2.6.5

No code changes, but fixes permissions on the run_server script which prevented it from starting (due to 2.6.4 being published from a Windows system, again).

…

terriajs-server - npm Package Versions

2.8.0

.css-1z04cui{margin-bottom:var(--chakra-space-4);font-size:var(--chakra-fontSizes-md);}2.8.0

3.0.0-test-1

2.7.4

2.7.4

2.7.3

2.7.3

2.7.2

2.7.2

2.7.1

2.7.1

2.7.0

2.7.0

2.6.7

2.6.7

2.6.6

2.6.6

2.6.5

2.6.5

2.8.0